diff options
20 files changed, 151 insertions, 158 deletions
diff --git a/api/system-removed.txt b/api/system-removed.txt index 961026b827e8..b88c760a04c1 100644 --- a/api/system-removed.txt +++ b/api/system-removed.txt @@ -81,7 +81,7 @@ package android.net.wifi { package android.os { public class Build { - field public static final boolean PERMISSIONS_REVIEW_REQUIRED; + field public static final boolean PERMISSIONS_REVIEW_REQUIRED = true; } public final class PowerManager { diff --git a/api/test-current.txt b/api/test-current.txt index b8acfdb7a7e4..5bd6dc8773a5 100644 --- a/api/test-current.txt +++ b/api/test-current.txt @@ -266,6 +266,7 @@ package android.content.pm { } public abstract class PackageManager { + method public abstract boolean arePermissionsIndividuallyControlled(); method public abstract java.lang.String getDefaultBrowserPackageNameAsUser(int); method public abstract int getInstallReason(java.lang.String, android.os.UserHandle); method public abstract java.util.List<android.content.pm.ApplicationInfo> getInstalledApplicationsAsUser(int, int); @@ -275,7 +276,6 @@ package android.content.pm { method public abstract java.lang.String getServicesSystemSharedLibraryPackageName(); method public abstract java.lang.String getSharedSystemSharedLibraryPackageName(); method public abstract void grantRuntimePermission(java.lang.String, java.lang.String, android.os.UserHandle); - method public abstract boolean isPermissionReviewModeEnabled(); method public abstract void revokeRuntimePermission(java.lang.String, java.lang.String, android.os.UserHandle); field public static final java.lang.String FEATURE_ADOPTABLE_STORAGE = "android.software.adoptable_storage"; field public static final java.lang.String FEATURE_FILE_BASED_ENCRYPTION = "android.software.file_based_encryption"; diff --git a/core/java/android/app/ApplicationPackageManager.java b/core/java/android/app/ApplicationPackageManager.java index 344610a5375f..09a614c8649e 100644 --- a/core/java/android/app/ApplicationPackageManager.java +++ b/core/java/android/app/ApplicationPackageManager.java @@ -342,9 +342,15 @@ public class ApplicationPackageManager extends PackageManager { } @Override - public boolean isPermissionReviewModeEnabled() { + public boolean arePermissionsIndividuallyControlled() { return mContext.getResources().getBoolean( - com.android.internal.R.bool.config_permissionReviewRequired); + com.android.internal.R.bool.config_permissionsIndividuallyControlled); + } + + @Override + public boolean isWirelessConsentModeEnabled() { + return mContext.getResources().getBoolean( + com.android.internal.R.bool.config_wirelessConsentRequired); } @Override diff --git a/core/java/android/content/pm/PackageManager.java b/core/java/android/content/pm/PackageManager.java index ce551ee6d5ae..c0b3400d835d 100644 --- a/core/java/android/content/pm/PackageManager.java +++ b/core/java/android/content/pm/PackageManager.java @@ -3269,12 +3269,19 @@ public abstract class PackageManager { @PermissionInfoFlags int flags) throws NameNotFoundException; /** - * Returns true if Permission Review Mode is enabled, false otherwise. + * Returns true if some permissions are individually controlled * * @hide */ @TestApi - public abstract boolean isPermissionReviewModeEnabled(); + public abstract boolean arePermissionsIndividuallyControlled(); + + /** + * Returns true if wireless consent mode is enabled + * + * @hide + */ + public abstract boolean isWirelessConsentModeEnabled(); /** * Retrieve all of the information we know about a particular group of diff --git a/core/java/android/os/Build.java b/core/java/android/os/Build.java index e71f4e93b658..25a5e91dba49 100644 --- a/core/java/android/os/Build.java +++ b/core/java/android/os/Build.java @@ -1114,8 +1114,7 @@ public class Build { * @removed */ @SystemApi - public static final boolean PERMISSIONS_REVIEW_REQUIRED = - SystemProperties.getInt("ro.permission_review_required", 0) == 1; + public static final boolean PERMISSIONS_REVIEW_REQUIRED = true; /** * Returns the version string for the radio firmware. May return diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml index 472df1a4ab70..c2ff9c9d662b 100644 --- a/core/res/AndroidManifest.xml +++ b/core/res/AndroidManifest.xml @@ -1489,9 +1489,9 @@ android:protectionLevel="signature|privileged" /> <!-- @hide Allows internal management of Wi-Fi connectivity state when on - permission review mode. + wireless consent mode. <p>Not for use by third-party applications. --> - <permission android:name="android.permission.MANAGE_WIFI_WHEN_PERMISSION_REVIEW_REQUIRED" + <permission android:name="android.permission.MANAGE_WIFI_WHEN_WIRELESS_CONSENT_REQUIRED" android:protectionLevel="signature" /> <!-- #SystemApi @hide Allows an app to bypass Private DNS. @@ -1590,9 +1590,9 @@ <permission android:name="android.permission.NFC_HANDOVER_STATUS" android:protectionLevel="signature|privileged" /> - <!-- @hide Allows internal management of Bluetooth state when on permission review mode. + <!-- @hide Allows internal management of Bluetooth state when on wireless consent mode. <p>Not for use by third-party applications. --> - <permission android:name="android.permission.MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED" + <permission android:name="android.permission.MANAGE_BLUETOOTH_WHEN_WIRELESS_CONSENT_REQUIRED" android:protectionLevel="signature" /> <!-- ================================== --> diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml index 14c9215bce66..3053fa11f80a 100644 --- a/core/res/res/values/config.xml +++ b/core/res/res/values/config.xml @@ -3224,12 +3224,11 @@ <string-array translatable="false" name="config_defaultFirstUserRestrictions"> </string-array> - <!-- Specifies whether the permissions needed by a legacy app should be - reviewed before any of its components can run. A legacy app is one - with targetSdkVersion < 23, i.e apps using the old permission model. - If review is not required, permissions are reviewed before the app - is installed. --> - <bool name="config_permissionReviewRequired">false</bool> + <!-- Specifies whether certain permissions should be individually controlled. --> + <bool name="config_permissionsIndividuallyControlled">false</bool> + + <!-- Specifies whether the user has to give consent to manage wireless (wifi + bluetooth). --> + <bool name="config_wirelessConsentRequired">false</bool> <!-- Default value for android:focusableInTouchMode for some framework scrolling containers. ListView/GridView are notably absent since this is their default anyway. diff --git a/core/res/res/values/symbols.xml b/core/res/res/values/symbols.xml index 03f965b6d900..1c66b2b8ca41 100644 --- a/core/res/res/values/symbols.xml +++ b/core/res/res/values/symbols.xml @@ -3006,7 +3006,8 @@ <!-- Default first user restrictions --> <java-symbol type="array" name="config_defaultFirstUserRestrictions" /> - <java-symbol type="bool" name="config_permissionReviewRequired" /> + <java-symbol type="bool" name="config_permissionsIndividuallyControlled" /> + <java-symbol type="bool" name="config_wirelessConsentRequired" /> <!-- Global actions icons --> <java-symbol type="drawable" name="ic_restart" /> diff --git a/packages/Shell/AndroidManifest.xml b/packages/Shell/AndroidManifest.xml index f811665c91ea..da870bd134bf 100644 --- a/packages/Shell/AndroidManifest.xml +++ b/packages/Shell/AndroidManifest.xml @@ -144,11 +144,9 @@ <uses-permission android:name="android.permission.MANAGE_SENSORS" /> <uses-permission android:name="android.permission.MANAGE_AUDIO_POLICY" /> <uses-permission android:name="android.permission.MANAGE_CAMERA" /> - <!-- Permission needed to enable/disable Bluetooth/Wifi when on permission review mode --> - <uses-permission - android:name="android.permission.MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED" /> - <uses-permission - android:name="android.permission.MANAGE_WIFI_WHEN_PERMISSION_REVIEW_REQUIRED" /> + <!-- Permission needed to enable/disable Bluetooth/Wifi --> + <uses-permission android:name="android.permission.MANAGE_BLUETOOTH_WHEN_WIRELESS_CONSENT_REQUIRED" /> + <uses-permission android:name="android.permission.MANAGE_WIFI_WHEN_WIRELESS_CONSENT_REQUIRED" /> <uses-permission android:name="android.permission.WATCH_APPOPS" /> <uses-permission android:name="android.permission.CONTROL_KEYGUARD" /> diff --git a/services/core/java/com/android/server/BluetoothManagerService.java b/services/core/java/com/android/server/BluetoothManagerService.java index 78b738500a97..f81541e525b2 100644 --- a/services/core/java/com/android/server/BluetoothManagerService.java +++ b/services/core/java/com/android/server/BluetoothManagerService.java @@ -211,7 +211,7 @@ class BluetoothManagerService extends IBluetoothManager.Stub { // bluetooth profile services private final Map<Integer, ProfileServiceConnections> mProfileServices = new HashMap<>(); - private final boolean mPermissionReviewRequired; + private final boolean mWirelessConsentRequired; private final IBluetoothCallback mBluetoothCallback = new IBluetoothCallback.Stub() { @Override @@ -368,8 +368,8 @@ class BluetoothManagerService extends IBluetoothManager.Stub { mContext = context; - mPermissionReviewRequired = context.getResources() - .getBoolean(com.android.internal.R.bool.config_permissionReviewRequired); + mWirelessConsentRequired = context.getResources() + .getBoolean(com.android.internal.R.bool.config_wirelessConsentRequired); mCrashes = 0; mBluetooth = null; @@ -885,7 +885,7 @@ class BluetoothManagerService extends IBluetoothManager.Stub { mContext.enforceCallingOrSelfPermission(BLUETOOTH_ADMIN_PERM, "Need BLUETOOTH ADMIN permission"); - if (!isEnabled() && mPermissionReviewRequired && startConsentUiIfNeeded(packageName, + if (!isEnabled() && mWirelessConsentRequired && startConsentUiIfNeeded(packageName, callingUid, BluetoothAdapter.ACTION_REQUEST_ENABLE)) { return false; } @@ -922,7 +922,7 @@ class BluetoothManagerService extends IBluetoothManager.Stub { mContext.enforceCallingOrSelfPermission(BLUETOOTH_ADMIN_PERM, "Need BLUETOOTH ADMIN permission"); - if (isEnabled() && mPermissionReviewRequired && startConsentUiIfNeeded(packageName, + if (isEnabled() && mWirelessConsentRequired && startConsentUiIfNeeded(packageName, callingUid, BluetoothAdapter.ACTION_REQUEST_DISABLE)) { return false; } @@ -945,7 +945,7 @@ class BluetoothManagerService extends IBluetoothManager.Stub { private boolean startConsentUiIfNeeded(String packageName, int callingUid, String intentAction) throws RemoteException { - if (checkBluetoothPermissionWhenPermissionReviewRequired()) { + if (checkBluetoothPermissionWhenWirelessConsentRequired()) { return false; } try { @@ -978,21 +978,18 @@ class BluetoothManagerService extends IBluetoothManager.Stub { /** * Check if the caller must still pass permission check or if the caller is exempted - * from the consent UI via the MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED check. + * from the consent UI via the MANAGE_BLUETOOTH_WHEN_WIRELESS_CONSENT_REQUIRED check. * * Commands from some callers may be exempted from triggering the consent UI when * enabling bluetooth. This exemption is checked via the - * MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED and allows calls to skip + * MANAGE_BLUETOOTH_WHEN_WIRELESS_CONSENT_REQUIRED and allows calls to skip * the consent UI where it may otherwise be required. * * @hide */ - private boolean checkBluetoothPermissionWhenPermissionReviewRequired() { - if (!mPermissionReviewRequired) { - return false; - } + private boolean checkBluetoothPermissionWhenWirelessConsentRequired() { int result = mContext.checkCallingPermission( - android.Manifest.permission.MANAGE_BLUETOOTH_WHEN_PERMISSION_REVIEW_REQUIRED); + android.Manifest.permission.MANAGE_BLUETOOTH_WHEN_WIRELESS_CONSENT_REQUIRED); return result == PackageManager.PERMISSION_GRANTED; } diff --git a/services/core/java/com/android/server/am/ActiveServices.java b/services/core/java/com/android/server/am/ActiveServices.java index 9c55de7ec72d..286e1f0899b0 100644 --- a/services/core/java/com/android/server/am/ActiveServices.java +++ b/services/core/java/com/android/server/am/ActiveServices.java @@ -519,12 +519,11 @@ public final class ActiveServices { // we do not start the service and launch a review activity if the calling app // is in the foreground passing it a pending intent to start the service when // review is completed. - if (mAm.mPermissionReviewRequired) { - // XXX This is not dealing with fgRequired! - if (!requestStartTargetPermissionsReviewIfNeededLocked(r, callingPackage, - callingUid, service, callerFg, userId)) { - return null; - } + + // XXX This is not dealing with fgRequired! + if (!requestStartTargetPermissionsReviewIfNeededLocked(r, callingPackage, + callingUid, service, callerFg, userId)) { + return null; } if (unscheduleServiceRestartLocked(r, callingUid, false)) { @@ -1535,75 +1534,73 @@ public final class ActiveServices { // we schedule binding to the service but do not start its process, then // we launch a review activity to which is passed a callback to invoke // when done to start the bound service's process to completing the binding. - if (mAm.mPermissionReviewRequired) { - if (mAm.getPackageManagerInternalLocked().isPermissionsReviewRequired( - s.packageName, s.userId)) { + if (mAm.getPackageManagerInternalLocked().isPermissionsReviewRequired( + s.packageName, s.userId)) { - permissionsReviewRequired = true; + permissionsReviewRequired = true; - // Show a permission review UI only for binding from a foreground app - if (!callerFg) { - Slog.w(TAG, "u" + s.userId + " Binding to a service in package" - + s.packageName + " requires a permissions review"); - return 0; - } + // Show a permission review UI only for binding from a foreground app + if (!callerFg) { + Slog.w(TAG, "u" + s.userId + " Binding to a service in package" + + s.packageName + " requires a permissions review"); + return 0; + } - final ServiceRecord serviceRecord = s; - final Intent serviceIntent = service; + final ServiceRecord serviceRecord = s; + final Intent serviceIntent = service; - RemoteCallback callback = new RemoteCallback( - new RemoteCallback.OnResultListener() { - @Override - public void onResult(Bundle result) { - synchronized(mAm) { - final long identity = Binder.clearCallingIdentity(); - try { - if (!mPendingServices.contains(serviceRecord)) { - return; - } - // If there is still a pending record, then the service - // binding request is still valid, so hook them up. We - // proceed only if the caller cleared the review requirement - // otherwise we unbind because the user didn't approve. - if (!mAm.getPackageManagerInternalLocked() - .isPermissionsReviewRequired( - serviceRecord.packageName, - serviceRecord.userId)) { - try { - bringUpServiceLocked(serviceRecord, - serviceIntent.getFlags(), - callerFg, false, false); - } catch (RemoteException e) { - /* ignore - local call */ - } - } else { - unbindServiceLocked(connection); + RemoteCallback callback = new RemoteCallback( + new RemoteCallback.OnResultListener() { + @Override + public void onResult(Bundle result) { + synchronized(mAm) { + final long identity = Binder.clearCallingIdentity(); + try { + if (!mPendingServices.contains(serviceRecord)) { + return; + } + // If there is still a pending record, then the service + // binding request is still valid, so hook them up. We + // proceed only if the caller cleared the review requirement + // otherwise we unbind because the user didn't approve. + if (!mAm.getPackageManagerInternalLocked() + .isPermissionsReviewRequired( + serviceRecord.packageName, + serviceRecord.userId)) { + try { + bringUpServiceLocked(serviceRecord, + serviceIntent.getFlags(), + callerFg, false, false); + } catch (RemoteException e) { + /* ignore - local call */ } - } finally { - Binder.restoreCallingIdentity(identity); + } else { + unbindServiceLocked(connection); } + } finally { + Binder.restoreCallingIdentity(identity); } } - }); - - final Intent intent = new Intent(Intent.ACTION_REVIEW_PERMISSIONS); - intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK - | Intent.FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS); - intent.putExtra(Intent.EXTRA_PACKAGE_NAME, s.packageName); - intent.putExtra(Intent.EXTRA_REMOTE_CALLBACK, callback); - - if (DEBUG_PERMISSIONS_REVIEW) { - Slog.i(TAG, "u" + s.userId + " Launching permission review for package " - + s.packageName); } + }); - mAm.mHandler.post(new Runnable() { - @Override - public void run() { - mAm.mContext.startActivityAsUser(intent, new UserHandle(userId)); - } - }); + final Intent intent = new Intent(Intent.ACTION_REVIEW_PERMISSIONS); + intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK + | Intent.FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS); + intent.putExtra(Intent.EXTRA_PACKAGE_NAME, s.packageName); + intent.putExtra(Intent.EXTRA_REMOTE_CALLBACK, callback); + + if (DEBUG_PERMISSIONS_REVIEW) { + Slog.i(TAG, "u" + s.userId + " Launching permission review for package " + + s.packageName); } + + mAm.mHandler.post(new Runnable() { + @Override + public void run() { + mAm.mContext.startActivityAsUser(intent, new UserHandle(userId)); + } + }); } final long origId = Binder.clearCallingIdentity(); diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java index d0318502ab13..cd8f5d3a9070 100644 --- a/services/core/java/com/android/server/am/ActivityManagerService.java +++ b/services/core/java/com/android/server/am/ActivityManagerService.java @@ -1591,8 +1591,6 @@ public class ActivityManagerService extends IActivityManager.Stub PackageManagerInternal mPackageManagerInt; - final boolean mPermissionReviewRequired; - boolean mHasHeavyWeightFeature; /** @@ -2561,7 +2559,6 @@ public class ActivityManagerService extends IActivityManager.Stub mHandler = null; mHandlerThread = null; mIntentFirewall = null; - mPermissionReviewRequired = false; mProcessCpuThread = null; mProcessStats = null; mProviderMap = null; @@ -2587,9 +2584,6 @@ public class ActivityManagerService extends IActivityManager.Stub Slog.i(TAG, "Memory class: " + ActivityManager.staticGetMemoryClass()); - mPermissionReviewRequired = mContext.getResources().getBoolean( - com.android.internal.R.bool.config_permissionReviewRequired); - mHandlerThread = new ServiceThread(TAG, THREAD_PRIORITY_FOREGROUND, false /*allowIo*/); mHandlerThread.start(); @@ -9383,10 +9377,8 @@ public class ActivityManagerService extends IActivityManager.Stub // If permissions need a review before any of the app components can run, // we return no provider and launch a review activity if the calling app // is in the foreground. - if (mPermissionReviewRequired) { - if (!requestTargetProviderPermissionsReviewIfNeededLocked(cpi, r, userId)) { - return null; - } + if (!requestTargetProviderPermissionsReviewIfNeededLocked(cpi, r, userId)) { + return null; } try { diff --git a/services/core/java/com/android/server/am/ActivityStarter.java b/services/core/java/com/android/server/am/ActivityStarter.java index 0572ca936f64..4378ccbebf0d 100644 --- a/services/core/java/com/android/server/am/ActivityStarter.java +++ b/services/core/java/com/android/server/am/ActivityStarter.java @@ -771,7 +771,7 @@ class ActivityStarter { // If permissions need a review before any of the app components can run, we // launch the review activity and pass a pending intent to start the activity // we are to launching now after the review is completed. - if (mService.mAm.mPermissionReviewRequired && aInfo != null) { + if (aInfo != null) { if (mService.mAm.getPackageManagerInternalLocked().isPermissionsReviewRequired( aInfo.packageName, userId)) { IIntentSender target = mService.mAm.getIntentSenderLocked( diff --git a/services/core/java/com/android/server/am/BroadcastQueue.java b/services/core/java/com/android/server/am/BroadcastQueue.java index a9fd51d93fe4..046cfc7820b5 100644 --- a/services/core/java/com/android/server/am/BroadcastQueue.java +++ b/services/core/java/com/android/server/am/BroadcastQueue.java @@ -664,12 +664,10 @@ public final class BroadcastQueue { // the broadcast and if the calling app is in the foreground and the broadcast is // explicit we launch the review UI passing it a pending intent to send the skipped // broadcast. - if (mService.mPermissionReviewRequired) { - if (!requestStartTargetPermissionsReviewIfNeededLocked(r, filter.packageName, - filter.owningUserId)) { - r.delivery[index] = BroadcastRecord.DELIVERY_SKIPPED; - return; - } + if (!requestStartTargetPermissionsReviewIfNeededLocked(r, filter.packageName, + filter.owningUserId)) { + r.delivery[index] = BroadcastRecord.DELIVERY_SKIPPED; + return; } r.delivery[index] = BroadcastRecord.DELIVERY_DELIVERED; @@ -1240,7 +1238,7 @@ public final class BroadcastQueue { // the broadcast and if the calling app is in the foreground and the broadcast is // explicit we launch the review UI passing it a pending intent to send the skipped // broadcast. - if (mService.mPermissionReviewRequired && !skip) { + if (!skip) { if (!requestStartTargetPermissionsReviewIfNeededLocked(r, info.activityInfo.packageName, UserHandle.getUserId( info.activityInfo.applicationInfo.uid))) { diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java index 30224d27908d..666111bdef04 100644 --- a/services/core/java/com/android/server/pm/PackageManagerService.java +++ b/services/core/java/com/android/server/pm/PackageManagerService.java @@ -19531,8 +19531,7 @@ public class PackageManagerService extends IPackageManager.Stub // If permission review is enabled and this is a legacy app, mark the // permission as requiring a review as this is the initial state. int flags = 0; - if (mSettings.mPermissions.mPermissionReviewRequired - && ps.pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) { + if (ps.pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M) { flags |= FLAG_PERMISSION_REVIEW_REQUIRED; } if (permissionsState.updatePermissionFlags(bp, userId, userSettableMask, flags)) { @@ -23362,17 +23361,10 @@ public class PackageManagerService extends IPackageManager.Stub void onNewUserCreated(final int userId) { mDefaultPermissionPolicy.grantDefaultPermissions(userId); synchronized(mPackages) { - // If permission review for legacy apps is required, we represent - // dagerous permissions for such apps as always granted runtime - // permissions to keep per user flag state whether review is needed. - // Hence, if a new user is added we have to propagate dangerous - // permission grants for these legacy apps. - if (mSettings.mPermissions.mPermissionReviewRequired) { -// NOTE: This adds UPDATE_PERMISSIONS_REPLACE_PKG - mPermissionManager.updateAllPermissions( - StorageManager.UUID_PRIVATE_INTERNAL, true, mPackages.values(), - mPermissionCallback); - } + // NOTE: This adds UPDATE_PERMISSIONS_REPLACE_PKG + mPermissionManager.updateAllPermissions( + StorageManager.UUID_PRIVATE_INTERNAL, true, mPackages.values(), + mPermissionCallback); } } diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java index 8a6fbaa646d3..76832ed3f4f9 100644 --- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java +++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java @@ -161,7 +161,7 @@ public class PermissionManagerService { mLock = externalLock; mPackageManagerInt = LocalServices.getService(PackageManagerInternal.class); mUserManagerInt = LocalServices.getService(UserManagerInternal.class); - mSettings = new PermissionSettings(context, mLock); + mSettings = new PermissionSettings(mLock); mHandlerThread = new ServiceThread(TAG, Process.THREAD_PRIORITY_BACKGROUND, true /*allowIo*/); @@ -845,10 +845,7 @@ public class PermissionManagerService { // their permissions as always granted runtime ones since we need // to keep the review required permission flag per user while an // install permission's state is shared across all users. - if (!appSupportsRuntimePermissions && !mSettings.mPermissionReviewRequired) { - // For legacy apps dangerous permissions are install time ones. - grant = GRANT_INSTALL; - } else if (origPermissions.hasInstallPermission(bp.getName())) { + if (origPermissions.hasInstallPermission(bp.getName())) { // For legacy apps that became modern, install becomes runtime. grant = GRANT_UPGRADE; } else if (isLegacySystemApp) { @@ -934,7 +931,7 @@ public class PermissionManagerService { updatedUserIds = ArrayUtils.appendInt( updatedUserIds, userId); } - if (!mSettings.mPermissionReviewRequired || !revokeOnUpgrade) { + if (!revokeOnUpgrade) { if (permissionsState.grantRuntimePermission(bp, userId) == PermissionsState.PERMISSION_OPERATION_FAILURE) { // If we cannot put the permission as it was, @@ -945,8 +942,7 @@ public class PermissionManagerService { } // If the app supports runtime permissions no need for a review. - if (mSettings.mPermissionReviewRequired - && appSupportsRuntimePermissions + if (appSupportsRuntimePermissions && (flags & PackageManager .FLAG_PERMISSION_REVIEW_REQUIRED) != 0) { flags &= ~PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED; @@ -954,8 +950,7 @@ public class PermissionManagerService { updatedUserIds = ArrayUtils.appendInt( updatedUserIds, userId); } - } else if (mSettings.mPermissionReviewRequired - && !appSupportsRuntimePermissions) { + } else if (!appSupportsRuntimePermissions) { // For legacy apps that need a permission review, every new // runtime permission is granted but it is pending a review. // We also need to review only platform defined runtime @@ -1329,10 +1324,6 @@ public class PermissionManagerService { } private boolean isPermissionsReviewRequired(PackageParser.Package pkg, int userId) { - if (!mSettings.mPermissionReviewRequired) { - return false; - } - // Permission review applies only to apps not supporting the new permission model. if (pkg.applicationInfo.targetSdkVersion >= Build.VERSION_CODES.M) { return false; @@ -1434,7 +1425,7 @@ public class PermissionManagerService { grantRuntimePermission(permission, pkg.packageName, false, callingUid, userId, callback); } - } else if (mSettings.mPermissionReviewRequired) { + } else { // In permission review mode we clear the review flag when we // are asked to install the app with all permissions granted. if ((flags & PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED) != 0) { @@ -1485,8 +1476,7 @@ public class PermissionManagerService { // their permissions as always granted runtime ones since we need // to keep the review required permission flag per user while an // install permission's state is shared across all users. - if (mSettings.mPermissionReviewRequired - && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M + if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M && bp.isRuntime()) { return; } @@ -1607,8 +1597,7 @@ public class PermissionManagerService { // their permissions as always granted runtime ones since we need // to keep the review required permission flag per user while an // install permission's state is shared across all users. - if (mSettings.mPermissionReviewRequired - && pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M + if (pkg.applicationInfo.targetSdkVersion < Build.VERSION_CODES.M && bp.isRuntime()) { return; } diff --git a/services/core/java/com/android/server/pm/permission/PermissionSettings.java b/services/core/java/com/android/server/pm/permission/PermissionSettings.java index b3f2833a52f1..920803241b49 100644 --- a/services/core/java/com/android/server/pm/permission/PermissionSettings.java +++ b/services/core/java/com/android/server/pm/permission/PermissionSettings.java @@ -47,8 +47,6 @@ import java.util.Set; */ public class PermissionSettings { - public final boolean mPermissionReviewRequired; - /** * All of the permissions known to the system. The mapping is from permission * name to permission object. @@ -82,9 +80,7 @@ public class PermissionSettings { private final Object mLock; - PermissionSettings(@NonNull Context context, @NonNull Object lock) { - mPermissionReviewRequired = - context.getResources().getBoolean(R.bool.config_permissionReviewRequired); + PermissionSettings(@NonNull Object lock) { mLock = lock; } diff --git a/services/tests/servicestests/src/com/android/server/am/ActivityStarterTests.java b/services/tests/servicestests/src/com/android/server/am/ActivityStarterTests.java index 19a3e4a17c20..f07e503c0a72 100644 --- a/services/tests/servicestests/src/com/android/server/am/ActivityStarterTests.java +++ b/services/tests/servicestests/src/com/android/server/am/ActivityStarterTests.java @@ -41,6 +41,7 @@ import android.content.pm.ActivityInfo; import android.content.pm.ActivityInfo.WindowLayout; import android.content.pm.ApplicationInfo; import android.content.pm.IPackageManager; +import android.content.pm.PackageManagerInternal; import android.graphics.Rect; import android.os.IBinder; import android.os.RemoteException; @@ -327,6 +328,16 @@ public class ActivityStarterTests extends ActivityTestsBase { doReturn(stack).when(mService.mStackSupervisor) .getLaunchStack(any(), any(), any(), anyBoolean(), anyInt()); + // Set up mock package manager internal and make sure no unmocked methods are called + PackageManagerInternal mockPackageManager = mock(PackageManagerInternal.class, + invocation -> { + throw new RuntimeException("Not stubbed"); + }); + doReturn(mockPackageManager).when(mService.mAm).getPackageManagerInternalLocked(); + + // Never review permissions + doReturn(false).when(mockPackageManager).isPermissionsReviewRequired(any(), anyInt()); + final Intent intent = new Intent(); intent.addFlags(launchFlags); intent.setComponent(ActivityBuilder.getDefaultComponent()); diff --git a/services/tests/servicestests/src/com/android/server/backup/testutils/PackageManagerStub.java b/services/tests/servicestests/src/com/android/server/backup/testutils/PackageManagerStub.java index 2d5afadbf9f8..525135c6fc5a 100644 --- a/services/tests/servicestests/src/com/android/server/backup/testutils/PackageManagerStub.java +++ b/services/tests/servicestests/src/com/android/server/backup/testutils/PackageManagerStub.java @@ -134,7 +134,12 @@ public class PackageManagerStub extends PackageManager { } @Override - public boolean isPermissionReviewModeEnabled() { + public boolean arePermissionsIndividuallyControlled() { + return false; + } + + @Override + public boolean isWirelessConsentModeEnabled() { return false; } diff --git a/test-mock/src/android/test/mock/MockPackageManager.java b/test-mock/src/android/test/mock/MockPackageManager.java index c2aca6b4c185..89734e35c13f 100644 --- a/test-mock/src/android/test/mock/MockPackageManager.java +++ b/test-mock/src/android/test/mock/MockPackageManager.java @@ -159,7 +159,13 @@ public class MockPackageManager extends PackageManager { /** @hide */ @Override - public boolean isPermissionReviewModeEnabled() { + public boolean arePermissionsIndividuallyControlled() { + return false; + } + + /** @hide */ + @Override + public boolean isWirelessConsentModeEnabled() { return false; } |